Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10383 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 03:46
Type | Values Removed | Values Added |
---|---|---|
Summary | Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker. |
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-732 |
08 Nov 2022, 04:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:* |
|
References | (MISC) https://kcm.trellix.com/corporate/index?page=content&id=SB10383 - Vendor Advisory | |
First Time |
Microsoft windows
Mcafee Mcafee data Exchange Layer Microsoft |
|
CWE | CWE-863 |
07 Nov 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-07 12:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-2188
Mitre link : CVE-2022-2188
CVE.ORG link : CVE-2022-2188
JSON object : View
Products Affected
microsoft
- windows
mcafee
- data_exchange_layer
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource